Ethereum’s (ETH) Constantinople hard fork faces a delay over a newly discovered security vulnerability allowing a reentrancy attack. The critical issue was detected by smart contract audit firm ChainSecurity and reported in a blog post Jan. 15. According to the company’s report, the Constantinople upgrade introduces cheaper gas cost (transaction fees) for some operations on the Ethereum network. As an unexpected side effect, this allegedly enables reentrancy attacks via the use of certain commands in ETH smart contracts. A reentrancy vulnerability allows a potential attacker to steal cryptocurrency from a…
Read MoreTag: vulnerability
Vulnerability on Ethereum enables malicious GAS Minting
A newly discovered vulnerability on Ethereum allowing for malicious GasToken Minting was found. The development team already acknowledged the issue and informed most of the affected users on November 13, 2018, via private disclosure. The Attack Crypto exchanges usually allow the withdrawal of Ethereum to arbitrary addresses with no gas usage limit; since this executes a fall back function, attackers can use this to make exchanges pay for arbitrary computation, allowing them to force exchanges to burn their own Ethereum on high transaction costs. Moreover, this even gives attackers the…
Read More